Bitlocker issue

Bitlocker issue

Hi, I have a Win8 Pro laptop with a single SSD. I just encrypted the entire drive using Bitlocker. The process prompted me to save the recovery key, which I did to an external drive. The encryption was successful but nowhere during the process was I prompted to choose a password. So I have the drive encrypted but when I reboot it does so normally without asking me for a key or password to access the drive. Did I do something wrong? thanks

If so, then this would be normal if you have the USB flash drive connected while the PC boots. When the PC boots, it will automatically read the startup key from the connected USB flash drive, and allows Windows 8 to start.

Hi Brink, yes, the laptop does have TPM. I don't know exactly what TPM is or how it works, or if my laptop's TPM is hardware or software based. In any case, I tried booting both with the USB flash drive connected and unplugged and even when unplugged the laptop boots normally without any restrictions, even though Bitlocker as I said encrypted the whole drive.

The startup key is stored automatically on the TPM when you have a TPM, and is why it's unlocked at startup.

If the hard drive was removed from the PC, then it would not be accessible.

You could open the Control Panel (icons view), click on "BitLocker Drive Encryption" icon, expand "OS drive", and see if you may have an option to add a password to have to enter it at boot before being able to unlock the OS drive.

Hi Brink, thanks for your follow up. I understand what you said, however, what if my laptop is stolen? Then Bitlocker with TPM is useless, because I checked Control Panel/Bitlocker Drive Encryption and under the OS drive ("C") there is no option to add a password, and the thief would have unrestricted access to the hard drive.
I checked the BIOS and there is an option to set a machine access password, but then this isn't Bitlocker related and offers a lower degree of protection than encryption.
Is there a turnaround to this? I mean a way to set a TPM machine access password? If not I guess I will try TrueCrypt.
Thanks again.

I don't have a TPM to work with, but you should be able to set group policy in step 1 of OPTION ONE in the tutorial below for this. Afterwards, check in Control Panel/Bitlocker Drive Encryption under the OS drive to see if you have any option to use a USB flash drive, PIN, or password.

This policy setting allows you to configure whether BitLocker requires additional authentication each time the computer starts and whether you are using BitLocker with or without a Trusted Platform Module (TPM). This policy setting is applied when you turn on BitLocker.

Note: Only one of the additional authentication options can be required at startup, otherwise a policy error occurs.
If you want to use BitLocker on a computer without a TPM, select the "Allow BitLocker without a compatible TPM" check box. In this mode either a password or a USB drive is required for start-up. When using a startup key, the key information used to encrypt the drive is stored on the USB drive, creating a USB key. When the USB key is inserted the access to the drive is authenticated and the drive is accessible. If the USB key is lost or unavailable or if you have forgotten the password then you will need to use one of the BitLocker recovery options to access the drive.

On a computer with a compatible TPM, four types of authentication methods can be used at startup to provide added protection for encrypted data. When the computer starts, it can use only the TPM for authentication, or it can also require insertion of a USB flash drive containing a startup key, the entry of a 4-digit to 20-digit personal identification number (PIN), or both.

If you enable this policy setting, users can configure advanced startup options in the BitLocker setup wizard.

If you disable or do not configure this policy setting, users can configure only basic options on computers with a TPM.

Note: If you want to require the use of a startup PIN and a USB flash drive, you must configure BitLocker settings using the command-line tool manage-bde instead of the BitLocker Drive Encryption setup wizard.

Thanks Brink. I enabled "Require additional authentication at startup" in the Local Group Policy Editor as outlined in your steps but no additional options show up in Control Panel/Bitlocker Drive Encryption (PIN, Password, etc).

Yes! I turned Bitlocker OFF and then back ON (it had to re encrypt the drive again ) and now I'm prompted for a PIN after each boot before accessing the machine (which I guess is the same as a password, as an option for a password was not present). I was also given the option for USB. Thanks!!

Information: I used to have BitLocker enabled until a few minutes ago. A few weeks ago, I reduced the page file size to about 2-4 GB since Windows decided suddenly to eat up 8 GB of my drive with pagefile nonsense. I have since changed it back, as of a few minutes ago. My system has a Sandisk SSD...

I turned on Bitlocker on three new Windows 8.1 laptops and saved the 48-digit recovery keys and associated identifiers, but I forgot to indicate which laptops they are associated with. Is there any way to find the identifiers/recovery keys on my laptops so I can document this? Or do I have to...

Hello,
I was wondering if anyone could help me. I recently upgraded my windows 8.1 to windows 8.1 pro as I wanted to enable bitlocker encryption on the laptop.
The issue is that I can't seem to enable or find bitlocker in any of the area's outlined. When I try to right click on the C: drive...

Dear All,
I have different versions of Windows 8(Ent,Pro-8,8.1) installed in the laptops. I am getting an error while trying to enable the bitlocker.
44237
It restarts to enable the TPM hardware. I press the key to activate the TPM and then it boots to the OS normally. Then gives this...

i had 2 partitions of my 1TB External HDD encrypted with bitlocker, took backup of my laptop on it (including recovery keys backup files). formated my laptop reinstalled windows and now password works fine on one of the external HDD partition but on the other partition it is not accepting it and...

Hey! I activated Bitlocker for my Operating system drive on a Windows 8 machine. But when starting the process I only can back up the recovery key. I have no dialog to choose how to unlock the drive. Thus even though Bitlocker is running, the PC can be turned and windows can be accessed by common...